Rooms & schedule are subject to change! Early september we'll ask everyone to bookmark their favorite sessions and based on popularity we'll update the sessions.
ACD314

More Network Security: Forward Proxy on AWS Network Firewall & Fargate

Room: Zaal 8 | Time: 15:30

We’ve crafted a robust, scalable forward proxy solution integrating AWS Network Firewall, Squid Proxy, Fluentbit, Dnsmasq, and Telegraf - all components in containers.

🌐 The AWS Network Firewall serves as a transparent proxy, applying stateful and stateless whitelist blocking rules.

🦑 Squid Proxy, operating as an explicit proxy, is deployed in an ECS container alongside Fluentbit, which forwards logs to AWS CloudWatch.

🔧 Dnsmasq, also in an ECS container, resolves DNS issues related to Let’s Encrypt, ensuring smooth SSL/TLS certificate management.

📈 Telegraf monitors both proxy types, sending real-time performance metrics to Grafana and triggering AWS CloudWatch alarms for proactive issue resolution.

All in containers, and managed entirely by Amazon Fargate, simplifies container orchestration. The entire system is further streamlined through automation via a CI/CD pipeline, enhancing security, efficiency, and cost-effectiveness while maintaining excellent visibility and control.

Michal Salanci
Senior DevOps Engineer in Deutsche Telekom Systems Solutions, Slovakia